Apple's leadership is nervous about cybersecurity, and one reason may be a recent supply chain attack on supplier Tata, the largest Indian company of its kind to ink a partnership with the American smartphone giant.

The Tata attack had two distinct components: the leak of client files, and the leak of information about an unreleased iPhone 18 Pro model. Both are black eyes for the two mega-companies and their partnership. For context, Tata has only been an Apple supplier since 2023, when it acquired Wistron's iPhone assembly operations in India.

To be fair, Tata is a big business, with sprawling operations across verticals, including its famed auto division and ownership of the British Jaguar Land Rover marque. Apple is reportedly working with Tata to address the problem, opening an investigation and supporting Tata's containment and mitigation efforts.

Quick Release Security Plans

Separately, Apple is changing the way it releases security patches.

Usually, tech media reports, Apple bundles its security fixes into the next iOS release; now the company is shipping the patches on their own, ahead of the operating system update. There are also reported efforts to shorten what the coverage calls "dwell time," meaning the window between a vulnerability becoming known and its fix shipping (a caveat for practitioners: in incident response, "dwell time" normally means how long an attacker sits undetected inside a network, which is a different measure; what is being shortened here is the patch gap).

“The shift marks a notable change in Apple's longstanding practice of packaging security fixes with broader software releases, an acknowledgment that AI is compressing the window attackers need to exploit known flaws,” wrote Raphael Satter for Reuters yesterday.

Back to the breach: further Reuters reporting identifies the villain of the story as World Leaks, a purported rebrand of Hunters International, which apparently ran a ransomware-as-a-service operation before announcing its shutdown and offering free decryption tools to past victims.

And which clients or vendors of Apple were affected?

Apparently, none other than TSMC, which fabricates the vast majority of leading-edge AI chips on the market, and the chip designer Qualcomm.

“One 2022 document, marked ‘TSMC Secret,’ contained purported ‘product reliability test’ details of a TSMC component with photographs,” write Munsif Vengattil and Aditya Kalra. “An ‘Apple Silicon Engineering Group’ document from 2023 maps Apple parts numbers to TSMC's numbers, with details of Apple employees in the document's revision history. A purported Qualcomm document from 2021 shows mechanical information on the functioning of a power management integrated circuit with drawings, watermarked ‘Confidential - May Contain Trade Secrets.’”

New Models and Existential Security Threats

All of this aside, what many experts and the people closest to AI are most worried about is agentic hacking.

Those concerns crystallize in the responses to Anthropic's Mythos model and the subsequent rollout of Fable, both of which could be useful to attackers running agent swarms. While Anthropic's internal teams say they found “no universal jailbreak” that gets Fable around its built-in safeguards, skeptics believe it should be fairly easy for human users to trick the model into offering offensive security guidance, which attackers can then use to compromise systems.

In addition, it seems evident to me that measuring these capabilities is going to be difficult. If our solution is simply to “not let Fable talk about it,” or to hand such requests off to Opus, how do we know how good (or scary good) Fable actually is?

I found a tool called ExploitBench, which purports to measure a model's offensive security capability, whether that capability ends up being used for good or ill. Teams should probably be doing this kind of measurement now.

The underlying worry is that agent swarms will apply the same competence to hacking that they already apply to, say, managing your inbox or putting together a report for a target audience.

Time will tell, and it won't take a lot of time, either. Fable is out now, not next month or next year, and Apple's story is just a precursor to what you can imagine will be a spate of such problems, driven by open models that are simply too capable to defend against. Stay tuned.